REMARKS 

With this response, claims 1 and 21 are amended. Claims 3-6, 15-20 and 22-30 have been 
cancelled. Claims 31-35 have been added. Therefore, claims 1, 2, 7-14, 21 and 31-35 are 
pending. 

Claim Rejections - 35 U.S.C. § 1 12 

Claims 1, 2, 7-14 and 21 were rejected under 35 U.S.C. § 1 12, first paragraph, as failing 
to comply with the written description requirement. The Office Action asserts that independent 
claims 1 and 21 are not supported by the specification, and thus all remaining dependent claims 
are not supported by the specification. Applicants contend that independent claims I and 21, as 
amended, are clearly described in the specification. 

Claim 1 as amended recites "executing firmware instructions to initialize a supplicant 
system into system management mode during a pre-boot phase." Support for this claim element 
may be found, for example, in FIG. 1 , reference element 102, and paragraph [0018] of the 
specification: u [i]n a block 102, early system initialization if performed by loading and executed 
portions of the system firmware" 

Claim 1 as amended further recites "receiving a network boot request for the supplicant 
system to boot from an operating system (OS) image accessible over a network." Support for this 
claim element may be found, for example, in FIG. 1, reference element 1 10, and paragraph 
[0023] of the specification: "a determination is made in a decision block 1 10 to whether a 
network boot request is made." 

Claim 1 as amended further recites "authenticate a network port coupled to the supplicant 
system and an authenticator system, wherein the OS image to boot the supplicant system is 
accessible through the network port " Support for this claim element may be found, for example, 
in FIG. 1, reference elements 1 14, 1 16 and paragraph [0025] of the specification: "a block 114.. 
. is executed ... to authenticate the port . . . [o]nce authenticated, an operating system image is 
loaded from the network store in a block 116." 

Claim 1 as amended further recites "transmitting information identifying the supplicant 
system to an authenticator system." Support for this claim element may be found, for example, in 
FIG. 3, reference element 318 and paragraph [0059] of the specification: u [s]upplicant 300 then 
sends an Identity Response 3 1 8 " 
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Claim 1 as amended further recites "transmitting authentication credentials to the 
authenticator system." Support for this claim element may be found, for example, in FIG. 3, 
reference element 326 and paragraph [0064] of the specification: "Supplicant 300 sends 
authentication credentials." 

Claim 1 as amended further recites "booting the OS in the supplicant system using the 
OS image accessible over the network in response to the network boot request." Support for this 
claim element may be found, for example, in FIG. 1, reference element 1 16 and paragraph 
[0025] of the specification: "an operating system image is loaded from the network store in a 
block 116." 

Claim 1 as amended further recites "executing an OS operation requesting port 
authentication for the network port." Support for this claim element may be found, for example, 
in FIG. 1, reference element 120 and paragraph [0026] of the specification: "In accordance with 
aspects of the invention, a mechanism is provided to enable OS runtime port authentication in an 
OS agnostic manner." 

Claim I as amended further recites "executing the port authentication firmware 
instructions in response to the OS operation request " Support for this claim element may be 
found, for example, in FIG. 1, reference element 134 and paragraph [0029]: "[s]upplicant 
[firmware] code is executed to authenticate the port ... in a manner similar to block 1 14." 

Independent claim 21 as amended recites similar features as claim 1. The remaining 
claims presented depend from the independent claims. Applicants respectfully contend that 
support for claim 21 and the remaining dependent claims is contained in the specification for at 
least the reasons stated above. Applicants respectfully request the withdrawal of this rejection. 

Rejections under 35 U.S.C S 1 12 

Claims 1-14, 21-24 were rejected under 35 U.S.C. § 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
Applicants regard as the invention. The Office Action on page 4 asserts that "[t]he claims require 
performing network port authentication during the pre-boot phase using authentication 
credential [s] that have yet to be received, which renders the claim indefinite." Applicants 
respectfully disagree. 
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Independent claims 1 and 21 are not directed towards acquiring said credentials, but 

transmitting said credentials for use in port authentication to an authenticator system. As 

paragraph [0014] teaches: 

An "Authentication Server" is an entity that provides an authentication service to an 
authenticator. This service determines,//ww the credentials provided by the supplicant, 
whether the supplicant is authorized to access the services provided by the authenticator. 

Thus, Applicants respectfully contend that no limitations towards the acquisition of authorization 
credentials need be specified in the independent claims, as specific methods directed towards 
acquisition of authentication credentials is not the subject matter being claimed. For example, 
paragraph [0071] of the specification describes an example device utilizing an embodiment of 
the invention. "In one embodiment, a [trusted platform module] TPM 613 in which 
authentication credentials are stored is coupled to motherboard 608." Therefore, Applicants 
respectfully request the withdrawal of this rejection. 

Rejections under 35 U.S.C S 103 

Claims 1, 2, 9-14 and 21 were rejected under 35 U.S.C. § 103(a) as being unpatentable 
over U.S. Patent Application Publication No. 2004/0158735 of Roese (hereinafter "Roese"), in 
view of U.S. Patent Application Publication No. 2004/0250126 of Buer (hereinafter "Buer"). 

Applicants respectfully assert that these claims are not rendered obvious by the cited 
references for at least the following reason: the references, alone and in combination, fail to 
disclose or suggest at least one feature of the invention as recited in the amended independent 
claims . 

The Office Action on page 4, in rejecting claim 1 under 35 U.S.C. § 1 12 U 2, states that it 
is not clear from the disclosures of claim 1 (as previously presented) which operations occur 
before the supplicant system is booted, and "[therefore, for the purposes of examination the 
claims will be treated as having all operations occur after booting has occurred." 

Claim 1 as amended recites loading port authentication firmware instructions in a 
supplicant system during a pre-boot phase and invoking the port authentication firmware in 
response to a network boot request for the supplicant system. Thus, Applicants respectfully 
contend that claim 1 as amended clearly recites a network port is authenticated subsequent to 
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receiving a network boot request — i.e., booting has not yet occurred. Independent claim 22 
recites similar features. 

The Office Action on page 5 cites Roese, specifically FIG.l and paragraphs [0015] and 
[0030], as disclosing "the limitation of loading port authentication firmware instructions in a 
supplicant system during a pre-boot phase." Applicants point out that the Office Action cites 
Roese with the interpretation that the operations disclosed by claim 1 "occur after booting has 
occurred." Applicants respectfully disagree with the Office Action's assertion that Roese 
discloses loading port authentication firmware instructions in a supplicant system during a pre- 
boot phase and invoking the port authentication firmware in response to a network boot 
request for the supplicant system. 

Roese contains no disclosures directed towards a "pre-boot" phase, or a "network boot 
request" as recited in amended claim I. Paragraph [0015] discloses that Roese is directed 
towards a "relay function monitors the port interface for such request identity messages." 
Paragraph [0030] discloses "firmware" that "enable[s] implementation of 802. IX PAE 
functionality for low-end network entry devices without the cost associated with complete per 
network entry device implementation." FIG. 1 of Roese further discloses "an example network 
system with the relay function of the present invention " Thus, as Applicants have understood the 
reference, the cited portions of Roese disclose port firmware instructions to relay messages, but 
fail to disclose any instructions to authenticate a network port subsequent to receiving a network 
boot request. Therefore, Roese cannot be cited to disclose loading port authentication firmware 
instructions in a supplicant system during a pre-boot phase and invoking the port authentication 
firmware in response to a network boot request for the supplicant system as recited in claims 1 
and 22. 

Buer is not cited to cure the deficiencies of Roese, and indeed fails to cure the 
deficiencies of Roese as Buer contains no disclosures directed towards a "pre-boot phase" or a 
"network boot request." Thus, whether alone or in combination, Roese and Buer fail to disclose 
loading port authentication firmware instructions in a supplicant system during a pre-boot phase 
and invoking the port authentication firmware in response to a network boot request for the 
supplicant system as recited in claims 1 and 22. Claims 2 and 9-14 depend from claim 1. Per 
MPEP § 2143.03, claims that depend from nonobvious independent claims are likewise 
nonobvious over the references. 
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Claims 7-8 were rejected under 35 U.S.C. § 103(a) as being unpatentable over Roese, in 
view of Buer, and in further view of U.S. Patent No. 6,300,863 of Cotichini (hereinafter 
"Cotichini"). Cotichini is not cited to cure the defect of Roese and Buer, and indeed fails to cure 
the defects of Roese and Buer as Cotichini contains no disclosures directed towards a "pre-boot 
phase" or a "network boot request " Thus, whether alone or in combination, Roese, Buer and 
Cotichini fail to disclose loading port authentication firmware instructions in a supplicant system 
during a pre-boot phase and invoking the port authentication firmware in response to a 
network boot request for the supplicant system as recited in claims 1 and 22. Claims 7 and 8 
depend from claim 1 . Per MPEP § 2143.03, claims that depend from nonobvious independent 
claims are likewise nonobvious over the references. 

New claims 31-35 depend from claim 22. The deficiencies of Roese, Buer and Cotichini 
with respect to claim 22 are discussed above. Per MPEP § 2143.03, claims that depend from 
nonobvious independent claims are likewise nonobvious over the references. 
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Conclusion 

For at least the foregoing reasons, Applicants submit that the rejections have been 
overcome. Therefore, all pending claims are in condition for allowance, and such action is 
earnestly solicited. The Examiner is respectfully requested to contact the undersigned by 
telephone if such contact would further the examination of the present application. 

Please charge any shortages and credit any overcharges to our Deposit Account number 
02-2666. 

Respectfully submitted, 

BLAKELY, SOKOLOFF, TAYLOR & ZAFMAN, LLP 

Date: February 25. 2009 /Gregory p. Caldwell/ 

Gregory D. Caldwell 
Reg. No. 39,926 
Attorney for Applicants 

1 279 Oakmead Parkway 
Sunnyvale, CA 94085-4040 

(503) 439-8778 

I hereby certify that this correspondence is being submitted electronically via EPS Web on the date shown below. 

Date: February 25, 2009 /Vivian Ue/ 

Vivian Lee 
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